Microsoft Security Bulletins: Current Updates

October 2005

FTP Client Vulnerability - CAN-2005-2126
A tampering vulnerability exists in the Windows FTP client. This vulnerability could allow an attacker to modify the intended destination location for a file transfer, when a client has manually chosen to transfer a file by using FTP. This vulnerability could allow the attacker to write the file to any file system that is located on an affected system.

Vulnerability in Network Connection Manager Could Allow Denial of Service (905414)

Severity: ModerateVulnerabilities:

Network Connection Manager Vulnerability - CAN-2005-2307
A denial of service vulnerability exists that could allow an attacker to send a specially crafted network packet to an affected system. An attacker who successfully exploited this vulnerability could cause the component responsible for managing network and remote access connections to stop responding. If the affected component is stopped due to an attack, it will automatically restart when new requests are received.

Vulnerability in the Client Service for NetWare Could Allow Remote Code Execution (899589)

Severity: ImportantVulnerabilities:

Client Service for NetWare Vulnerability - CAN-2005-1985
A remote code execution vulnerability exists in the Client Service for NetWare (CSNW) that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

Vulnerability in Plug and Play Could Allow Remote Code Execution and Local Elevation of Privilege (905749)

Severity: ImportantVulnerabilities:

Plug and Play Vulnerability - CAN-2005-2120
A remote code execution and local elevation of privilege vulnerability exists in Plug and Play that could allow an authenticated attacker who successfully exploited this vulnerability to take complete control of the affected system.

Collaboration Data Objects Vulnerability - CAN-2005-1987
A remote code execution vulnerability exists in Collaboration Data Objects that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

Shell Vulnerability - CAN-2005-2122
A remote code execution vulnerability exists in Windows because of the way it handles the .lnk file extension. By persuading a user to open a .lnk file with specially-crafted properties an attacker could execute code on an affected system.

Shell Vulnerability - CAN-2005-2118
A remote code execution vulnerability exists in Windows because of the way it handles .lnk file extensions. By persuading a user to view the properties of a specially-crafted .lnk file an attacker could execute code on the affected system.

Web View Script Injection Vulnerability - CAN-2005-2117
A remote code execution vulnerability exists in the way that Web View in Windows Explorer handles certain HTML characters in preview fields. By persuading a user to preview a malicious file, an attacker could execute code. However, user interaction is required to exploit this vulnerability.

DirectShow Vulnerability - CAN-2005-2128
A remote code execution vulnerability exists in DirectShow that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

MSDTC Vulnerability - CAN-2005-2119
A remote code execution and local elevation of privilege vulnerability exists in the Microsoft Distributed Transaction Coordinator that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

COM+ Vulnerability - CAN-2005-1978
A remote code execution and local elevation of privilege vulnerability exists in COM+ that could allow an attacker who successfully exploited this vulnerability to take complete control of the affected system.

TIP Vulnerability - CAN-2005-1979
A denial of service vulnerability exists that could allow an attacker to send a specially crafted network message to an affected system. An attacker could cause the Distributed Transaction Coordinator to stop responding.

Distributed TIP Vulnerability - CAN-2005-1980
A denial of service vulnerability exists that could allow an attacker to send a specially crafted network message to an affected system. An attacker could cause the Microsoft Distributed Transaction Coordinator (MSDTC) to stop responding. This specially crafted message could also be transferred through the affected system to another TIP server. This distributed attack could cause the MSDTC on both systems to stop responding.

Cumulative Security Update for Internet Explorer (896688)

Severity: CriticalVulnerabilities:

COM Object Instantiation Memory Corruption Vulnerability - CAN-2005-2127
A remote code execution vulnerability exists in the way Internet Explorer instantiates COM objects that are not intended to be instantiated in Internet Explorer. An attacker could exploit the vulnerability by constructing a malicious Web page that could potentially allow remote code execution if a user visited the malicious Web site. An attacker who successfully exploited this vulnerability could take complete control of an affected system.